Merge pull request 'chore: cleanup nostr policy' (#6) from chore/cleanup into main

Reviewed-on: https://git.devvul.com///Asara/well-goknown/pulls/6

db/db.go

@@ -14,8 +14,7 @@ func NewDB() (*sqlx.DB, error) {
 	if err != nil {
 		l.Panic().Msg(err.Error())
 	}
-	err = db.Ping()
-	if err != nil {
+	if err = db.Ping(); err != nil {
 		l.Panic().Msg(err.Error())
 	}
 	l.Debug().Msg("connected to database")

nostr/helpers.go

@@ -0,0 +1,11 @@
+package nostr
+
+func checknPubsInDb(npubs []string) bool {
+	var uid int
+	for _, npub := range npubs {
+		if err := DB.QueryRow("SELECT id FROM users WHERE pubkey=$1", npub).Scan(&uid); err == nil {
+			return true
+		}
+	}
+	return false
+}

nostr/policies.go

@@ -0,0 +1,43 @@
+package nostr
+
+import (
+	"context"
+	"fmt"
+
+	"git.devvul.com/asara/gologger"
+	"git.devvul.com/asara/well-goknown/config"
+	"github.com/fiatjaf/khatru"
+	"github.com/nbd-wtf/go-nostr"
+)
+
+func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
+	var err error
+	l := gologger.Get(config.GetConfig().LogLevel).With().Str("context", "nostr-reject-unregistered").Logger()
+
+	// always allow auth messages
+	if event.Kind == 22242 {
+		return false, ""
+	}
+
+	// ensure pubkey has authenticated
+	authenticatedUser := khatru.GetAuthed(ctx)
+	if authenticatedUser == "" {
+		l.Debug().Msgf("pubkey not authed: %s", event.PubKey)
+		return true, fmt.Sprintf("auth-required: interacting with this relay requires authentication")
+	}
+
+	npubs := []string{authenticatedUser}
+	// add recipients to npubs list
+	if event.Kind == 4 || event.Kind == 14 {
+		for _, npub := range event.Tags.GetAll([]string{"p"}) {
+			npubs = append(npubs, npub.Value())
+		}
+	}
+
+	// check if npubs are registered
+	if authz := checknPubsInDb(npubs); authz == false {
+		l.Debug().Msgf("kind: %v, pubkey: %s, error: %s", event.Kind, event.PubKey, err.Error())
+		return true, fmt.Sprintf("restricted: pubkey %s is not registered to any users", authenticatedUser)
+	}
+	return false, ""
+}

nostr/relay.go

@@ -2,15 +2,12 @@ package nostr
 
 import (
 	"context"
-	"fmt"
 
-	"git.devvul.com/asara/gologger"
 	"git.devvul.com/asara/well-goknown/config"
 	"github.com/fiatjaf/eventstore/postgresql"
 	"github.com/fiatjaf/khatru"
 	"github.com/fiatjaf/khatru/policies"
 	"github.com/jmoiron/sqlx"
-	"github.com/nbd-wtf/go-nostr"
 )
 
 var (
@@ -73,49 +70,3 @@ func NewRelay(version string) *khatru.Relay {
 	)
 	return relay
 }
-
-func RejectUnregisteredNpubs(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
-	l := gologger.Get(config.GetConfig().LogLevel).With().Str("context", "nostr-reject-unregistered").Logger()
-
-	// always allow auth messages
-	if event.Kind == 22242 {
-		return false, ""
-	}
-
-	authenticatedUser := khatru.GetAuthed(ctx)
-	if authenticatedUser == "" {
-		l.Debug().Msgf("pubkey not authed: %s", event.PubKey)
-		return true, fmt.Sprintf("auth-required: interacting with this relay requires authentication")
-	}
-
-	// reject nip-04 messages to users who aren't registered
-	if event.Kind == 4 {
-		receiver := event.Tags.GetFirst([]string{"p"}).Value()
-		var rid int
-		err := DB.QueryRow("SELECT id FROM users WHERE pubkey=$1", receiver).Scan(&rid)
-		if err != nil {
-			rid = -1
-		}
-
-		var sid int
-		err = DB.QueryRow("SELECT id FROM users WHERE pubkey=$1", authenticatedUser).Scan(&sid)
-		if err != nil {
-			sid = -1
-		}
-
-		if rid != -1 && sid != -1 {
-			l.Debug().Msgf("pubkeys %s or %s not found to be registered", receiver, event.PubKey)
-			return true, fmt.Sprintf("restricted: nobody in this nip04 message is registered to the relay")
-		}
-		return false, ""
-	}
-
-	// check if user is registered
-	var uid int
-	err := DB.QueryRow("SELECT id FROM users WHERE pubkey=$1", authenticatedUser).Scan(&uid)
-	if err != nil {
-		l.Debug().Msgf("kind: %v, pubkey: %s, error: %s", event.Kind, event.PubKey, err.Error())
-		return true, fmt.Sprintf("restricted: pubkey %s is not registered to any users", authenticatedUser)
-	}
-	return false, ""
-}